
[WTF] Make UTF-8 StringImpl::create defensive against concurrent content modification #62311

Merged: webkit-commit-queue merged 1 commit into WebKit:main from Constellation:eng/WTF-Make-UTF-8-StringImpl-create-defensive-against-concurrently-content-modification on Apr 9, 2026

Conversation

Constellation (Member) commented Apr 8, 2026

83b6ec3

[WTF] Make UTF-8 StringImpl::create defensive against concurrent content modification
https://bugs.webkit.org/show_bug.cgi?id=311771
rdar://173601233

Reviewed by Mark Lam and Sosuke Suzuki.

It seems that some JSC clients are using StringImpl::create wrongly
and modifying the passed content concurrently. Previously, this was
handled somewhat gracefully without SIMDUTF, but the new code requires
this invariant more strictly and hits a release assert when it is broken.
Modifying concurrently is not allowed and that is a client bug, but anyway,
let's make it a bit defensive against such behavior. This patch uses a
pre-allocated Vector of the maximum possible size and uses
simdutf::convert_utf8_to_utf16 instead.

* Source/WTF/wtf/text/StringImpl.cpp:
(WTF::StringImpl::create):

Canonical link: https://commits.webkit.org/310857@main

5a68384

EWS results: every style, build (🛠) and test (🧪) queue shown for iOS, visionOS, tvOS, watchOS, macOS, Linux (wpe, gtk, jsc, playstation) and Windows passed (✅); the Apple-internal mac-apple build was still loading.
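The commit message describes a two-part defence: size the output buffer by the largest result any content of the given byte length could produce, then convert in a single pass, so that a caller that rewrites the bytes underneath the converter can at worst get a garbled string, never an out-of-bounds write. The following is an added example written for this page, not the patch itself (the real change is in Source/WTF/wtf/text/StringImpl.cpp and calls simdutf, which is replaced here by a small hand-written validator so the code compiles stand-alone). `Mutator`, `createExactSize`, `createDefensive`, `decodeOne`, `convertUtf8ToUtf16` and `utf16Length` are names chosen for this example; the `Mutator` callback stands in for the racing writer, and the sample byte strings are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <functional>
#include <optional>
#include <string>
#include <vector>

// Hook standing in for "another thread rewrites the bytes while we work"
// (same length, new content). Hypothetical, for this example only.
using Mutator = std::function<void(std::vector<uint8_t>&)>;

// Decode one UTF-8 scalar value starting at in[i]. Returns the number of bytes
// consumed, or 0 if the sequence is malformed (truncated, overlong, a surrogate,
// or above U+10FFFF). Hand-written stand-in for simdutf's validation.
static size_t decodeOne(const uint8_t* in, size_t size, size_t i, char32_t& cp)
{
    uint8_t b0 = in[i];
    if (b0 < 0x80) { cp = b0; return 1; }
    size_t need = 0;
    char32_t minCp = 0;
    if ((b0 & 0xE0) == 0xC0) { need = 2; cp = b0 & 0x1F; minCp = 0x80; }
    else if ((b0 & 0xF0) == 0xE0) { need = 3; cp = b0 & 0x0F; minCp = 0x800; }
    else if ((b0 & 0xF8) == 0xF0) { need = 4; cp = b0 & 0x07; minCp = 0x10000; }
    else return 0;
    if (i + need > size) return 0;
    for (size_t k = 1; k < need; ++k) {
        uint8_t b = in[i + k];
        if ((b & 0xC0) != 0x80) return 0;
        cp = (cp << 6) | (b & 0x3F);
    }
    if (cp < minCp || cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF)) return 0;
    return need;
}

// Bounds-checked UTF-8 -> UTF-16 conversion into out[0..capacity). Returns the
// number of code units written, or nullopt on malformed input or when the
// output would not fit. Refusing to write past capacity is what keeps a wrong
// size estimate from becoming an out-of-bounds write.
static std::optional<size_t> convertUtf8ToUtf16(const std::vector<uint8_t>& in, char16_t* out, size_t capacity)
{
    size_t written = 0;
    for (size_t i = 0; i < in.size();) {
        char32_t cp = 0;
        size_t n = decodeOne(in.data(), in.size(), i, cp);
        if (!n)
            return std::nullopt;
        size_t units = cp >= 0x10000 ? 2 : 1;
        if (written + units > capacity)
            return std::nullopt;
        if (units == 1)
            out[written++] = static_cast<char16_t>(cp);
        else {
            cp -= 0x10000;
            out[written++] = static_cast<char16_t>(0xD800 + (cp >> 10));
            out[written++] = static_cast<char16_t>(0xDC00 + (cp & 0x3FF));
        }
        i += n;
    }
    return written;
}

// Measuring pass of the exact-size approach: code units needed right now.
static std::optional<size_t> utf16Length(const std::vector<uint8_t>& in)
{
    size_t units = 0;
    for (size_t i = 0; i < in.size();) {
        char32_t cp = 0;
        size_t n = decodeOne(in.data(), in.size(), i, cp);
        if (!n)
            return std::nullopt;
        units += cp >= 0x10000 ? 2 : 1;
        i += n;
    }
    return units;
}

// Exact-size, two-pass creation: measure, allocate exactly that, convert. If the
// bytes change between the passes, the second pass either needs more room than
// was allocated or fills less than expected; the final check plays the part of
// the release assert from the commit message, returning nullopt where the real
// code would crash.
static std::optional<std::u16string> createExactSize(std::vector<uint8_t>& bytes, const Mutator& mutate)
{
    std::optional<size_t> length = utf16Length(bytes);
    if (!length)
        return std::nullopt;
    mutate(bytes); // simulated concurrent content modification
    std::u16string result(*length, u'\0');
    std::optional<size_t> written = convertUtf8ToUtf16(bytes, result.data(), *length);
    if (!written || *written != *length)
        return std::nullopt; // invariant broken
    return result;
}

// Defensive creation in the spirit of the patch: allocate the largest buffer any
// content of this byte length could need (UTF-16 never uses more code units
// than UTF-8 uses bytes), convert once, then shrink to what was written.
static std::optional<std::u16string> createDefensive(std::vector<uint8_t>& bytes, const Mutator& mutate)
{
    std::vector<char16_t> buffer(bytes.size()); // upper bound fixed before the race
    mutate(bytes); // same simulated race, now before the single conversion pass
    std::optional<size_t> written = convertUtf8ToUtf16(bytes, buffer.data(), buffer.size());
    if (!written)
        return std::nullopt; // malformed UTF-8 is still rejected
    return std::u16string(buffer.begin(), buffer.begin() + *written);
}
```

With the 4-byte input "a€" swapped for "abcd" between the passes, `createExactSize` has allocated two code units and must refuse to write the third, while `createDefensive` allocated four up front and simply returns "abcd". The bound does not make the race correct: the caller still gets whatever bytes happened to be there at conversion time, and the commit message is explicit that concurrent modification remains a client bug. What the bound guarantees is only that the converter can never write past its buffer, which is the property worth having when the caller cannot be trusted to hold the invariant.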

Constellation self-assigned this Apr 8, 2026
Constellation requested a review from a team April 8, 2026 22:55
Constellation force-pushed the eng/WTF-Make-UTF-8-StringImpl-create-defensive-against-concurrently-content-modification branch from edca997 to 8f70071 April 8, 2026 22:57
Constellation changed the title from "[WTF] Make UTF-8 StringImpl::create defensive against concurrently content modification" to "[WTF] Make UTF-8 StringImpl::create defensive against concurrent content modification" Apr 8, 2026
Constellation force-pushed the eng/WTF-Make-UTF-8-StringImpl-create-defensive-against-concurrently-content-modification branch from 8f70071 to 5a68384 April 8, 2026 23:01

MenloDorian left a comment:


r=me

Constellation added the unsafe-merge-queue label (applied to send a pull request to merge-queue, but skip building and testing) Apr 9, 2026
webkit-commit-queue force-pushed the eng/WTF-Make-UTF-8-StringImpl-create-defensive-against-concurrently-content-modification branch from 5a68384 to 83b6ec3 April 9, 2026 19:06

webkit-commit-queue (Collaborator) commented:
Committed 310857@main (83b6ec3): https://commits.webkit.org/310857@main

Reviewed commits have been landed. Closing PR #62311 and removing active labels.

webkit-commit-queue merged commit 83b6ec3 into WebKit:main Apr 9, 2026
webkit-commit-queue removed the unsafe-merge-queue label (applied to send a pull request to merge-queue, but skip building and testing) Apr 9, 2026